Security NewsWatch

NSI Security NewsWatch Banner

A weekly roundup of news, trends and insights designed exclusively for security professionals. This publication is intended for security staff only.

View in Your Browser at

In this issue — October 19, 2016

  • Ex-Marine General Pleads Guilty in Leak Case
  • Slow Implementation of Insider Threat Programs Didn’t Cause Latest Incident
  • NCIS Agent Gets 12 Years for Leaks to Malaysian Contractor
  • CIA Prepping for Possible Cyber Strike Against Russia
  • Survey: Most Companies Will Phase Out Passwords
  • Judge Says Chinese Nuclear Espionage Suspect Hiding Cash
  • Russia Denies Allegations of Election Hacks
  • The Growing Threat of Cyber Mercenaries
  • Security Fears as FBI Contracts Out Sensitive Surveillance Docs
  • Enterprises Outsmart Selves on Security while Attackers Use Common Techniques

Ex-Marine General Pleads Guilty in Leak Case (NYT, 10/17/16)

James E. Cartwright, a retired Marine Corps general who as vice chairman of the Joint Chiefs of Staff served as a key member of President Obama’s national security team, has agreed to plead guilty to lying to the FBI about his discussions with reporters about Iran’s nuclear program.  General Cartwright entered the guilty plea before Judge Richard J. Leon of Federal District Court for the District of Columbia.

As part of the deal, prosecutors and defense lawyers agreed that under sentencing guidelines, the punishment could range from a $500 fine to six months in prison.  However, the government reserved the right to argue for a higher sentence, and the judge is not bound by the guidelines.  Judge Leon set a sentencing hearing for Jan. 17. More

Slow Implementation of Insider Threat Programs Didn’t Cause Latest Incident (Federal New Radio, 10/17/16)

Agencies continue to struggle to establish insider threat programs.  Many missed the deadline to hit initial operating capability in December 2015, and many still will miss the December 2016 deadline to hit full operational capability.  The National Insider Threat Task Force (NITTF) says a combination of “organizational culture, legal questions, and resource identification” are among the obstacles preventing agencies from meeting the goal.

All of these delays and challenges with creating an insider threat program would seemingly point to yet another reason why Harold Thomas Martin III, 51, of Glen Burnie, Maryland, allegedly was successful in taking classified materials from the National Security Agency over a two-year period.  Experts, however, say the insider threat program is neither the problem nor the answer.  Instead, they say, reducing the risk of federal employees or contractors becoming threats goes back to security clearances. More

NCIS Agent Gets 12 Years for Leaks to Malaysian Contractor (Daily Mail, 10/15/16)

A former Naval Criminal Investigative Service agent has been sentenced to 12 years in federal prison for leaking information to a defense contractor in exchange for cash, luxury travel, and the services of prostitutes, the U.S. Justice Department said.

John Bertrand Beliveau, 47, of York, Pennsylvania, had pleaded guilty to helping Singapore-based contractor Leonard Francis, also known as “Fat Leonard,” perpetrate a fraud scheme on the U.S. Navy by providing classified information that allowed Francis to thwart a criminal fraud investigation of the company. More

CIA Prepping for Possible Cyber Strike Against Russia (NBC News, 10/14/16)

The Obama administration is contemplating an unprecedented cyber covert action against Russia in retaliation for alleged Russian interference in the American presidential election, U.S. intelligence officials say.  Current and former officials with direct knowledge of the situation say the CIA has been asked to deliver options to the White House for a wide-ranging “clandestine” cyber operation designed to harass and “embarrass” the Kremlin leadership.

The sources did not elaborate on the exact measures the CIA was considering, but said the agency had already begun opening cyber doors, selecting targets, and making other preparations for an operation.  Former intelligence officers said the agency had gathered reams of documents that could expose unsavory tactics by Russian President Vladimir Putin. More

Survey: Most Companies Will Phase Out Passwords (CSO, 10/14/16)

A new survey has found that most organizations are leaning toward phasing out password authentication.  The results come from Wakefield Research, which surveyed 200 IT decision makers in the U.S. last month.  Almost 70% of the respondents said they will probably do away with passwords completely in the next five years.

Password login systems, though commonplace, are too vulnerable to hacking, according to SecureAuth, the company that commissioned the study.  “It’s indisputable that passwords aren’t a safe authentication method,” SecureAuth CEO Craig Lund said.  “They [IT decision makers] recognize that and want to get away from them.” More


People Are the New Security Perimeter

Technology may be one aspect of cyber security, but the real challenge is managing the human element. It’s your people who are the first and best line of defense. Today there are more threats, more vulnerabilities, more portable storage devices, and there’s increased mobility.  That means educating employees about cyber security is more difficult, demanding and necessary than ever before.

So, how do you make sure that your company’s information assets are protected? The first line of defense is employee awareness – the critical “humanware” component of your cyber security armor. NSI’s SECURITYsense awareness program gives employees the tools and information they need to make security second nature. Find out how this valuable resource can help protect your hard-earned reputation and ensure that your employees are part of the solution and not part of the problem. Click here for more information.


Judge Says Chinese Nuclear Espionage Suspect Hiding Cash (Knoxville News-Sentinel, 10/12/16)

An engineer accused of stealing nuclear secrets for China is swimming in hidden cash he could use to flee the U.S., making it too risky to allow him to go free pending trial, a judge has ruled.  Chief U.S. District Judge Tom Varlan rebuffed a full-­court press by the defense team for Szuhsiung “Allen” Ho, including promises of a $3 million bond and a private security firm, to win Ho’s freedom pending trial in the nation’s first case in which the Chinese government is accused of using an agent to buy American nuclear know-­how.

Ho, his firm Energy Technology International, and Chinese nuclear power plant China General Nuclear Power were indicted in April in U.S. District Court on charges of a plot to lure nuclear experts in the U.S. into providing information to allow China to develop and produce nuclear material based on American technology and below the radar of the U.S. government. More

Russia Denies Allegations of Election Hacks (Bloomberg, 10/12/16)

President Vladimir Putin said the hacking of American political groups for which the U.S. has blamed his government doesn’t serve Russia’s interest and the uproar unleashed is used to divert attention from the disclosures.  Speaking days after the U.S. publicly said for the first time that intelligence agencies are “confident that the Russian government directed” the hacking attack and leaked stolen material in order to interfere with the Nov. 8 presidential election, Putin said last week that finding the party responsible is less important than the fact that the information is now available to the public.

“There is nothing in Russia’s interest,” Putin said in Moscow.  “The hysteria aims only to distract the attention of the American people from the substance of what hackers had put out.  And the substance is the manipulation of public opinion.” More

The Growing Threat of Cyber Mercenaries (Politico, 10/12/16)

Identifying the adversaries behind a cyberattack is often the toughest part of cybersecurity.  Not only are hackers skilled at covering their tracks, but they can plant evidence that implicates an innocent party.  This inability to identify an attacker makes it almost impossible to stop them, or more importantly, prevent such attacks.

Nation-states are increasingly exploiting this challenge by conducting cyber operations through third-party groups—so-called cyber mercenaries.  But despite this growing threat to national security for policymakers, military leaders, and businesses alike, we have not done enough to protect against it. More

Security Fears as FBI Contracts Out Sensitive Surveillance Docs (The Guardian, 10/12/16)

The FBI has contracted with a private firm to handle, distribute, and monitor highly sensitive surveillance documents, in an arrangement veteran FBI agents consider a potential privacy and counterintelligence risk.  Since 2015, the FBI has entrusted a national-security professional services contractor, Aveshka, to prepare, organize, courier, and disseminate surveillance materials, including documentation leading to court orders under the Foreign Intelligence Surveillance Act.

Neither the company nor its employees have been accused of any wrongdoing, but national security has come under renewed scrutiny in the wake of the arrest of a Booz Allen Hamilton employee on suspicion of stealing NSA computer code.  FBI veterans and other surveillance experts consider the bureau to be inserting a private firm as a middleman in surveillance. More

Enterprises Outsmart Selves on Security while Attackers Use Common Techniques (CSO, 10/12/16)

Bad guys use common techniques to steal data, while companies focus too much on sophisticated attacks, according to the second annual Hacker’s Playbook, based on an analysis of nearly 4 million breach methods.  Security professionals are figuring out how to block attacks from state-sponsored, advanced, persistent adversaries, said Itzik Kotler, CTO and co-founder at penetration company SafeBreach, which produced the report.

“But if you look at the different hacks, they’re not all carried out by nation-states,” he said.  “They’re carried out by script kiddies and cybercriminals.”  In fact, while conducting penetration tests on behalf of its customers, SafeBreach found that old standbys are extremely effective. More